High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-22	CVE-2020-3184	SQL Injection vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. network low complexity cisco CWE-89	7.2
2018-06-07	CVE-2018-0322	Missing Authorization vulnerability in Cisco products A vulnerability in the web management interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to modify sensitive data that is associated with arbitrary accounts on an affected device. network low complexity cisco CWE-862	8.8
2018-06-07	CVE-2018-0317	Missing Authorization vulnerability in Cisco products A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to escalate their privileges. network low complexity cisco CWE-862	8.8
2018-06-07	CVE-2017-6779	Resource Exhaustion vulnerability in Cisco products Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. network low complexity cisco CWE-400	7.5
2018-03-08	CVE-2018-0141	Use of Hard-coded Credentials vulnerability in Cisco products A vulnerability in Cisco Prime Collaboration Provisioning (PCP) Software 11.6 could allow an unauthenticated, local attacker to log in to the underlying Linux operating system. local low complexity cisco CWE-798	8.4
2018-02-22	CVE-2018-0204	Weak Password Requirements vulnerability in Cisco Prime Collaboration Provisioning 12.1 A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition for individual users. network low complexity cisco CWE-521	7.5
2017-11-02	CVE-2017-12276	SQL Injection vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web framework code for the SQL database interface of the Cisco Prime Collaboration Provisioning application could allow an authenticated, remote attacker to impact the confidentiality and integrity of the application by executing arbitrary SQL queries, aka SQL Injection. network low complexity cisco CWE-89	8.1
2017-08-07	CVE-2017-6756	Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Collaboration Provisioning 12.2 A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool through 12.2 could allow an unauthenticated, remote attacker to execute unwanted actions. network low complexity cisco CWE-352	8.8
2017-05-18	CVE-2017-6621	Information Exposure vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to access sensitive data. network low complexity cisco CWE-200	7.5